Skip to content

Recover gracefully from sleep #941

New issue
New issue
Open
Open
Recover gracefully from sleep#941
Assignees
jackwotherspoon
Labels
priority: p2Moderately-important priority. Fix may not be included in next release.type: feature request‘Nice-to-have’ improvement, new feature or different behavior or design.
@enocom

Description

@enocom
enocom
opened on Dec 20, 2023

Feature Description

When a Connector is running on a machine that goes to sleep for more than 1 hour, when the machine awakes, it will have an expired certificate. Given how TLS 1.3 works, the Connector will not see a failed handshake and will force users to restart the process to fix the problem.

Instead, we should check if the certificate retrieved from the cache is invalid. If it is, we should block on a force refresh attempt until we get a refresh cert.

See GoogleCloudPlatform/cloud-sql-proxy#1788 and GoogleCloudPlatform/cloud-sql-go-connector#686 for details.

This should be ported to AlloyDB Python as well.

Metadata

Assignees

Labels

priority: p2Moderately-important priority. Fix may not be included in next release.type: feature request‘Nice-to-have’ improvement, new feature or different behavior or design.

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions